Vulnerabilities (CVE)

Filtered by vendor Modxcms Subscribe
Filtered by product Evolution
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-0741 1 Modxcms 1 Evolution 2024-11-21 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in ModX Evolution before 1.0.5 allow remote attackers to inject arbitrary web script or HTML via the (1) installer or (2) image editor.
CVE-2010-3930 1 Modxcms 1 Evolution 2024-11-21 5.0 MEDIUM N/A
Directory traversal vulnerability in MODx Evolution 1.0.4 and earlier allows remote attackers to read arbitrary files via unspecified vectors related to AjaxSearch, a different vulnerability than CVE-2010-1427.
CVE-2010-3929 1 Modxcms 1 Evolution 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in MODx Evolution 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via unknown vectors related to AjaxSearch.
CVE-2010-1427 1 Modxcms 1 Evolution 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the SearchHighlight plugin in MODx Evolution before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to AjaxSearch.